Full Disclosure: Re: One-Time Pad Authentication

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: One-Time Pad Authentication

From: Michael Sierchio <kudzu () tenebras com>
Date: Sun, 30 Nov 2003 17:21:30 -0800

Jonathan A. Zdziarski wrote:

I'm interested in coding a one-time pad authentication system; similar
to SecurID or other types of token authentication only with software
tokens.  The administrator would generate the one-time pads for each
user and distribute them using whatever secure method gets coded (PGP,

SSH, or whatever).


You've thereby reduced the security of a one-time pad to that of
the cryptologic and protocol used to distribute it.  Simply isn't
done, old chap.

Use:

        trusted courier;
        registered US mail;
        etc.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

One-Time Pad Authentication Jonathan A. Zdziarski (Nov 30)
- Re: One-Time Pad Authentication Jeremiah Cornelius (Nov 30)
- Re: One-Time Pad Authentication Michael Sierchio (Nov 30)
- Re: One-Time Pad Authentication Gary E. Miller (Nov 30)
- don't waste your time (was: Re: One-Time Pad Authentication) jon schatz (Nov 30)
- Re: One-Time Pad Authentication Eric Rescorla (Nov 30)
- Re: One-Time Pad Authentication Blue Boar (Nov 30)
  - Re: One-Time Pad Authentication Jonathan A. Zdziarski (Nov 30)